SYSTEM AND METHOD FOR SCANNING FOR COMPUTER VULNERABILITIES IN A NETWORK ENVIRONMENT

US 20130167238A1
Filed: 12/23/2011
Published: 06/27/2013
Est. Priority Date: 12/23/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset;

selecting one or more scripts comprising checks for vulnerabilities included in a union of the set of known vulnerabilities and the set of new vulnerabilities; and

using the selected scripts to scan the asset.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method in one embodiment includes identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset, selecting one or more scripts that include checks for vulnerabilities in a union of the set of known vulnerabilities and the set of new vulnerabilities, and using the selected scripts to scan the asset. Known vulnerabilities and new vulnerabilities may be identified by accessing results of previous scans on the asset. The method may also include identifying a plurality of assets to scan in a network, identifying a plurality of sets of known vulnerabilities and a plurality of sets of new vulnerabilities in substantially all assets in the plurality of assets, and inserting checks for vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities into the selected scripts.

16 Citations

20 Claims

1. A method comprising:
- identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset;
  
  selecting one or more scripts comprising checks for vulnerabilities included in a union of the set of known vulnerabilities and the set of new vulnerabilities; and
  
  using the selected scripts to scan the asset.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein vulnerabilities that have been previously tested and known not to exist in the asset are not included in the selected scripts.
  - 3. The method of claim 1, wherein identifying the set of known vulnerabilities comprises:
    - accessing results of previous scans on the asset, wherein the results indicate the known vulnerabilities.
  - 4. The method of claim 1, wherein identifying the set of new vulnerabilities comprises:
    - accessing results of previous scans on the asset, wherein the results indicate a set of scanned vulnerabilities; and
      
      determining vulnerabilities included in a universal set of vulnerabilities in a computer system that are not in the set of scanned vulnerabilities.
  - 5. The method of claim 1, further comprising:
    - storing results of the scan in a results database.
  - 6. The method of claim 1, further comprising:
    - identifying a plurality of assets to scan in a network;
      
      identifying a plurality of sets of known vulnerabilities and a plurality of sets of new vulnerabilities in substantially all assets in the plurality of assets; and
      
      inserting checks for vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities into the selected scripts.
  - 7. The method of claim 6, further comprising:
    - using the selected scripts to scan substantially all assets in the plurality of assets.
  - 8. The method of claim 6, wherein the plurality of assets is identified by a range of Internet Protocol (IP) addresses.

9. An apparatus comprising:
- a memory element configured to store data; and
  
  a processor operable to execute instructions associated with the data, wherein the apparatus is configured for;
  
  identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset;
  
  selecting one or more scripts comprising checks for vulnerabilities included in a union of the set of known vulnerabilities and the set of new vulnerabilities; and
  
  using the selected scripts to scan the asset.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The apparatus of claim 9, wherein identifying the set of known vulnerabilities comprises:
    - accessing results of previous scans on the asset, wherein the results indicate the known vulnerabilities.
  - 11. The apparatus of claim 9, wherein identifying the set of new vulnerabilities comprises:
    - accessing results of previous scans on the asset, wherein the results indicate a set of scanned vulnerabilities; and
      
      determining vulnerabilities included in a universal set of vulnerabilities in a computer system that are not in the set of scanned vulnerabilities.
  - 12. The apparatus of claim 9, wherein the apparatus is further configured for:
    - storing results of the scan in a results database.
  - 13. The apparatus of claim 9, wherein the apparatus is further configured for:
    - identifying a plurality of assets to scan in a network;
      
      identifying a plurality of sets of known vulnerabilities and a plurality of sets of new vulnerabilities in substantially all assets in the plurality of assets; and
      
      inserting checks for vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities into the selected scripts.
  - 14. The apparatus of claim 13, further comprising:
    - using the selected scripts to scan substantially all assets in the plurality of assets.

15. Logic encoded in non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
- identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset;
  
  selecting one or more scripts comprising checks for vulnerabilities included in a union of the set of known vulnerabilities and the set of new vulnerabilities; and
  
  using the selected scripts to scan the asset.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The logic of claim 15, wherein identifying the set of known vulnerabilities comprises:
    - accessing results of previous scans on the asset, wherein the results indicate the known vulnerabilities.
  - 17. The logic of claim 15, wherein identifying the set of new vulnerabilities comprises:
    - accessing results of previous scans on the asset, wherein the results indicate a set of scanned vulnerabilities; and
      
      determining vulnerabilities included in a universal set of vulnerabilities in a computer system that are not in the set of scanned vulnerabilities.
  - 18. The logic of claim 15, further comprising:
    - storing results of the scan in a results database.
  - 19. The logic of claim 15, further comprising:
    - identifying a plurality of assets to scan in a network;
      
      identifying a plurality of sets of known vulnerabilities and a plurality of sets of new vulnerabilities in substantially all assets in the plurality of assets; and
      
      inserting checks for vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities into the selected scripts.
  - 20. The logic of claim 19, further comprising:
    - using the selected scripts to scan substantially all assets in the plurality of assets.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Russell, Braden, Mallabarapu, Charles, Hugard, James M. IV

Granted Patent

US 8,789,190 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/577 Assessing vulnerabilities a...

H04L 63/1433 Vulnerability analysis

SYSTEM AND METHOD FOR SCANNING FOR COMPUTER VULNERABILITIES IN A NETWORK ENVIRONMENT

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

16 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR SCANNING FOR COMPUTER VULNERABILITIES IN A NETWORK ENVIRONMENT

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

16 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links